03-23-2007 03:38 PM
Hello,
Actually I need to know the possibility to have one interface on a router configured for NATing and a crypto map for L2L VPN.
Is there any overlapping or confusion might happened !!!
For example:
interface GigabitEthernet0/1
ip address 192.168.6.12 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map xxx-vpn
03-29-2007 12:45 PM
I think it is fine to have one interface configured for NAT and Crypto as NAT translation is done before encryption also de-cryption is done before NAT translation. Following link may help you
http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml
04-12-2007 08:34 AM
Yeah it works fine with me. I have configured router serial interface to do nat and also has a crypto map on it.
Well what seems tricky to me is , can the the serial interface ip itself can be used to nat (overload) internal ip used for a vpn tunnel and be a peering ip for the remote peer at the same time.
Can someone add to this.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide